From owner-freebsd-stable Sat Feb 24 16:30: 7 2001 Delivered-To: freebsd-stable@freebsd.org Received: from resentment.verloid.net (90.ppp1-8.osl1.world-online.no [213.142.76.218]) by hub.freebsd.org (Postfix) with ESMTP id 2803D37B65D for ; Sat, 24 Feb 2001 16:30:03 -0800 (PST) (envelope-from needle-mls@world-online.no) Received: from resentment.verloid.net (localhost.verloid.net [127.0.0.1]) by resentment.verloid.net (8.9.3/8.9.3) with SMTP id BAA01760 for ; Sun, 25 Feb 2001 01:29:56 +0100 (CET) (envelope-from needle-mls@world-online.no) From: needle-mls@world-online.no Received: by resentment.verloid.net (sSMTP sendmail emulation); Sun, 25 Feb 2001 01:29:56 +0100 Date: Sun, 25 Feb 2001 01:29:56 +0100 To: freebsd-stable@freebsd.org Subject: libcrypto hosed when compiled with optimizations Message-ID: <20010225012956.A1726@resentment.verloid.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i X-Operating-System: FreeBSD 3.5-STABLE Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hi, On my 4.2-stable system I have tweaked my /etc/make.conf to compile sources with -O -mcpu=686 -march=pentiumpro -funroll-loops and as far as I can tell, everything is working flawlessly except for ssh with protocol v2. For some reason when I ssh -2 localhost, or ssh -2 anywhere else I get the following error: % ssh -2 -v arrakis (...) debug: Host 'arrakis' is known and matches the DSA host key. debug: bits set: 499/1024 debug: len 55 datafellows 0 debug: dsa_verify: signature incorrect dsa_verify failed for server_host_key debug: Calling cleanup 0x80592a0(0x0) Ssh'ing from a computer with unoptimized binaries to my workstation, using protocol v2, works so sshd is obviously fine. Recompiling libcrypto without -O -mcpu etc. fixes the problem. It's obviously a little picky about how it's compiled. Now I'm wondering if my foot wound is more serious, could anything else have blown up as well or is the crypto code just more touchy? I use the same optimizations on the kernel, while ports are compiled with -O2 and as I mentioned earlier I have not noticed anything else not working. Has anyone done any testing which shows that things actually run faster, or are the binaries just more likely to be flawed? For the record, this is 4.2-stable as of Feb. 22 with OpenSSH 2.3.0. Regards, Jo To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message